Portál AbcLinuxu, 10. května 2025 11:37
/dev/mapper/dc--hatt--skole-home /home ext4 defaults,acl 0 2
v fstab, kdyby nekoho zajimal config tak prikladam
[global] workgroup = HATTFJELLDAL server string = %h server (PDC) #netbios name = samba1 #dns proxy = no interfaces = eth0, lo bind interfaces only = Yes passdb backend = ldapsam:ldaps://dc-hatt-skole.hattfjelldal.no ldap ssl = off #obey pam restrictions = no #enable privileges = yes panic action = /usr/share/samba/panic-action %d security = user syslog = 0 log level = 1 # passdb:5 auth:10 winbind:2 log file = /var/log/samba/%m max log size = 500 #smb ports = 139 hosts allow = 127.0.0.1 10.1.1.0/24 10.2.1.0/24 10.3.1.0/24 192.168.1.0/24 hosts deny = 0.0.0.0/0 #wins support = yes #name resolve order = wins bcast hosts time server = yes encrypt passwords = true add user script = /usr/sbin/smbldap-useradd -m "%u" delete user script = /usr/sbin/smbldap-userdel "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" add machine script = /usr/sbin/smbldap-useradd -t 0 -w "%u" ldap delete dn = Yes #logon script = logon.bat #hide files = /desktop.ini/Desktop.ini/ logon path = logon home = #logon path = \\%L\profiles\%U #logon path = \\dc-hatt-skole\paku\profile logon drive = H: #logon home = \\dc-hatt-skole\%U domain master = Yes domain logons = Yes preferred master = Yes #wins support = Yes ldap suffix = dc=hattfjelldal,dc=no ldap machine suffix = ou=Computers ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=admin,dc=hattfjelldal,dc=no ldap passwd sync = Yes #passwd program = /usr/bin/passwd %u passwd program = /usr/sbin/smbldap-passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* #idmap backend = ldap:ldap://localhost #idmap uid = 10000-20000 #idmap gid = 10000-20000 #winbind nested groups = yes #winbind use default domain = no #winbind trusted domains only = yes #winbind enum users = yes #winbind enum groups = yes #map acl inherit = Yes printcap name = cups #show add printer wizard = No load printers = yes printing = cups socket options = TCP_NODELAY [homes] comment = Home Directories #path = /home/users/%g/%u browseable = no #writable = yes read only = no create mask = 0700 directory mask = 0700 valid users = %S [netlogon] comment = Network Logon Service path = /srv/samba/netlogon guest ok = yes read only = yes admin users = paku, kesj [printers] comment = All Printers browseable = no path = /var/spool/samba public = yes printable = yes guest ok = yes writable = no # read only = yes [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no write list = root [2001] path = /home/users/2001 writable = yes browseable = yes create mask = 0775 directory mask = 0775 force create mode = 0775 # valid users = %g admin users = paku, kesj [2002] path = /home/users/2002 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [2003] path = /home/users/2003 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [2004] path = /home/users/2004 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [2005] path = /home/users/2005 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [2006] path = /home/users/2006 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [2007] path = /home/users/2007 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [2008] path = /home/users/2008 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [2009] path = /home/users/2009 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [2010] path = /home/users/2010 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [2011] path = /home/users/2011 writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [Elever_Varntresk] path = /home/users/Elever_V_tresk writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [Elever_Susendal] path = /home/users/Elever_S_dal writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [Haskadm] path = /home/users/Laerere_H_dal writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [Vaskadm] path = /home/users/Laerere_V_tresk writable = yes browseable = yes create mask = 0777 directory mask = 0777 admin users = paku, kesj [Suskadm] path = /home/users/Laerere_S_dal writable = yes browseable = yes create mask = 0777 directory mask = 0777 # valid users = %g admin users = paku, kesj [Felles] path = /home/users/Felles writable = yes browseable = yes create mask = 0777 directory mask = 0777 admin users = paku, kesj [Mandatory] path = /home/users/mandatory writable = yes browseable = no profile acls = yes guest ok = yes create mode = 0600 directory mode = 0700jedina vec co mom. nefunguje je, ze kdyz otevru ve win. vlastnosti>>bezpecnost(security), tak nejsou zobrazeny atributy u user,group,others (ktery byly drive nastaveny napr. pri vytvoreni adresare v cmd), kdyz pridam nove uzivatele, a naklikam prava, tak pri pristim otevreni uz to "drzi" a z pohledu
getfacl jsou prava nastavena spravne ...
Tiskni
Sdílej:
ISSN 1214-1267, (c) 1999-2007 Stickfish s.r.o.